In Pictures: 12 useful websites for IT security

From Microsoft and Cisco to the National Institute of Standards and Technology, we look at some of the most useful IT security websites

Whether it's dealing with Cisco, Microsoft and VMware-based networks or with open source tools, or perhaps just learning more about IT security, these websites all offer information you may need.

SourceForge has a section for open source security tools that seems almost endless.

If your organization has widely deployed VMware's virtualization platform, it's important to understand and keep up with security issues. In terms of VMware's own information, check out the VMware Security and Compliance Blog and the VMware Security Advisories, Certifications and Guides.

Trying to get a grasp of security in the cloud can feel like chasing one, but look into the resources at Cloud Security Alliance, the group with a strong user focus that can help you figure out if the wind is blowing in the right direction among cloud vendors.

The federal government's National Institute of Standards and Technology (NIST) plays a large role in setting IT security requirements that impact everything on the network, with a new emphasis on mobile and cloud-based computing, found at its Computer Security Resource Center in the Computer Security Division.

Feel like just hanging out and talking about security related to Google Android devices? Check out Google's Android Security Group, where questions get asked online and crowdsourced.

Microsoft puts out security bulletins when something related to its products and services really goes awry, but it's also worth following Microsoft Security Advisories, which also tackle security issues of importance.

Want to hear some of the latest thinking from Gartner security wonks? Check out the Gartner Blog Network, where you’ll find blogs from Gartner's Neil MacDonald, Avivah Litan, Dan Blum and Jay Heiser, among others.

If your organization accepts payment cards, then it has to follow the network security rules of the PCI Security Standards Council. To find out what that might mean, check out the Merchants section at the council's website.

Privacy Rights Clearinghouse is a nonprofit corporation based in San Diego whose website provides clear advice mainly for consumers with questions about workplace computer and phone monitoring, identity theft, privacy of medical records and more.

The Nmap Project of open source developers has a website listing its picks for the "125 Top Security Tools," which can be found at sectools.org.

Packet Storm is a nonprofit organization whose site offers timely updates on security issues as well as a wide range of open source security tools, such as Hydra.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.